为什么当 wget 和 ping 工作时我的 libvirt VM 无法与 apt 存储库通信?

为什么当 wget 和 ping 工作时我的 libvirt VM 无法与 apt 存储库通信?

我正在尝试使用 Vagrant 和 Puppet 来更轻松地为我们的网站复制多服务器设置。建议的工作流程是vagrant up首先专门针对 puppetmaster 服务器,然后使用它来配置其余服务器。因此,我在主服务器上运行此 shell 脚本:

#!/usr/bin/env bash
set -e

if [ "$EUID" -ne "0" ] ; then
    echo "Script must be run as root." >&2
    exit 1
fi

if [ -e /etc/init.d/puppetmaster ] ; then
    echo "Puppetmaster is already installed."
    exit 0
fi

echo "Installing Puppet repo for Debian Wheezy"
wget -qO /tmp/puppetlabs-release-wheezy.deb \
    https://apt.puppetlabs.com/puppetlabs-release-wheezy.deb

dpkg -i /tmp/puppetlabs-release-wheezy.deb
rm /tmp/puppetlabs-release-wheezy.deb
aptitude update
echo Installing Puppetmaster.
aptitude install -y puppetmaster facter
echo "Puppet installed!"
cp /tmp/puppet.conf /etc/puppet/puppet.conf
puppet resource package hiera ensure=installed
echo "Hiera installed!"
cp /tmp/hiera.yaml /etc/puppet/hiera.yaml

我的盒子是 baremettle/debian-7.5。

Vagrant文​​件:

Vagrant.configure("2") do |config|
    # Supports local cache, don't waste bandwidth.
    # Do `vagrant plugin install vagrant-cachier`
    # https://github.com/fgrehm/vagrant-cachier
    if Vagrant.has_plugin?("vagrant-cachier")
        config.cache.auto_detect = true
        config.cache.scope = :box
    end

    # All Vagrant configuration is done here. The most common configuration
    # options are documented and commented below. For a complete reference,
    # please see the online documentation at vagrantup.com.

    # Every Vagrant virtual environment requires a box to build off of.
    config.vm.box = "baremettle/debian-7.5"

    config.vm.provider :libvirt do |lv|
        lv.driver = 'kvm'
        lv.connect_via_ssh = false
        lv.storage_pool_name = 'default'
    end

    config.ssh.forward_agent = true
    config.ssh.shell = "bash -c 'BASH_ENV=/etc/profile exec bash'"

    config.vm.define :memcache, primary: true do |mem|
        mem.vm.hostname = "memcache.local"
        mem.vm.network :private_network, ip: "192.168.122.20"

        mem.vm.provider :libvirt do |lv|
            lv.memory = 1024
        end

        mem.vm.provision :file, source: "master/puppet.conf", destination: "/tmp/puppet.conf"
        mem.vm.provision :file, source: "master/hiera.yaml", destination: "/tmp/hiera.yaml"
        mem.vm.provision :shell, path: "bootstrap.sh"
        mem.vm.provision :puppet, module_path: "master/modules", manifests_path: "master/manifests", manifest_file: "default.pp"
        mem.vm.provision :puppet_server do |puppet|
            puppet.options = '--verbose --waitforcert 30'
            puppet.puppet_server = "memcache.local"
        end
        mem.vm.synced_folder "puppet/manifests", "/etc/puppet/environments/production/manifests", type: 'nfs'
        mem.vm.synced_folder "puppet/modules", "/etc/puppet/environments/production/modules", type: 'nfs'
        mem.vm.synced_folder "master/hieradata", "/etc/puppet/environments/production/hieradata", type: 'nfs'
    end
end

现在,问题在aptitude update运行时出现。它只是停留在那里,没有任何错误消息。进程没有占用任何 CPU。从未发生过超时,甚至进度从 0% 开始也没有。

这听起来像是防火墙问题,但使用 wget 下载 .deb 是可行的。我可以 ping mirrors.kernel.org,这是 sources.list 中列出的存储库。如果我真的想,我相信我可以找到正确的软件包文件并手动下载它们,但没人愿意这样做。

vagrant sshup如果我先中断命令,则工作正常。执行sudo apt-get updateinstall执行相同的操作。

哪里出了问题?我不知道还要检查什么。APT 是否使用了一些奇怪的 HTTP 变体来攻击我的防火墙?我知道去年我上次查看这个项目时,这种方法是有效的。

命脉:

  • x86_64
  • Linux Mint 17(主机)
  • Debian Wheezy 7.5(来宾)
  • Vagrant 1.6.5
  • libvirt0 1.2.2-0ubuntu13.1.6
  • vagrant-libvirt 插件 0.0.24

相关内容